Nmap Development mailing list archives

Re: [RFC] Default NSE Scripts

From: "Kris Katterjohn" <katterjohn () gmail com>
Date: Sun, 11 May 2008 00:06:13 +0530

On 5/10/08, Fyodor <fyodor () insecure org> wrote:

On Sat, May 10, 2008 at 04:43:15AM +0000, Brandon Enright wrote:


Who knows if any of this crap would actually hold up in court.  I
really don't think any scripts in the default category though should
also fall into the "askalayer" category.

A user of Nmap takes responsibility for their actions into their own
hands.  Lets not have the proverbial gun pointing at their foot by
default though, lets make them aim it there on their own.


I see your point, but I think that many/most scripts have the
potential to annoy the sorts of people would would put out a public
FTP server with anonymous access enabled, and then complain when
people log in.  Also, these scripts won't run with a deafult scan like
"nmap <target>".  Only if you specify scripting with an option such as
-sC or -A.  And anonFTP has run by default (if you're ask for
scripting) since it was added in 2006 and I haven't heard any
complaints about it being default.  So this isn't a change in
behavior.


This topic had crossed my mind when I was making the lists.  I, too,
figured that since anonFTP has always been running by default that it
was OK to be on the new list.  But thank you, Brandon, for bringing up
the FTP banners because I hadn't considered them.

Maybe what we need to do is document better that -sC/-A are
particularly intrusive and really shouldn't be run without permission
of the target network.

While I don't think I'd want exploits running by default with -sC, I'd
like to have vulnerability checks included so that Nmap can tell you
if it sees a gaping hole.  And many admins don't like folks
vuln-checking their servers without permission.


I like the idea of basic checks being performed, and I also agree that
the docs should probably be updated.  I can work on this along with
the other docs I'm updating for the new category.

Cheers,
-F


Thanks,
Kris Katterjohn

_______________________________________________
Sent through the nmap-dev mailing list
http://cgi.insecure.org/mailman/listinfo/nmap-dev
Archived at http://SecLists.Org

Current thread:

[RFC] Default NSE Scripts Kris Katterjohn (May 09)
- Re: [RFC] Default NSE Scripts Fyodor (May 09)
- Re: [RFC] Default NSE Scripts Brandon Enright (May 09)
  - Re: [RFC] Default NSE Scripts Fyodor (May 09)
    - Re: [RFC] Default NSE Scripts Brandon Enright (May 09)
    - Re: [RFC] Default NSE Scripts Fyodor (May 09)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
    - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
    - Re: [RFC] Default NSE Scripts Fyodor (May 10)
- Re: [RFC] Default NSE Scripts jah (May 10)
  - Re: [RFC] Default NSE Scripts Kris Katterjohn (May 10)
    - Re: [RFC] Default NSE Scripts Daniel Roethlisberger (May 12)
    - Re: [RFC] Default NSE Scripts Arturo 'Buanzo' Busleiman (May 12)
    - Re: [RFC] Default NSE Scripts Fyodor (May 12)
    - Re: [RFC] Default NSE Scripts Fyodor (May 12)
  - Re: [RFC] Default NSE Scripts Diman Todorov (May 11)
- Re: [RFC] Default NSE Scripts Fyodor (May 12)

(Thread continues...)